CN111695155A - Big data safe storage method - Google Patents

Big data safe storage method Download PDF

Info

Publication number
CN111695155A
CN111695155A CN202010538821.6A CN202010538821A CN111695155A CN 111695155 A CN111695155 A CN 111695155A CN 202010538821 A CN202010538821 A CN 202010538821A CN 111695155 A CN111695155 A CN 111695155A
Authority
CN
China
Prior art keywords
data
target
sub
actual
feature parameters
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202010538821.6A
Other languages
Chinese (zh)
Inventor
宋运动
杨宗腾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Zhilixin Information Technology Co ltd
Original Assignee
Zhengzhou Zhilixin Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Zhilixin Information Technology Co ltd filed Critical Zhengzhou Zhilixin Information Technology Co ltd
Priority to CN202010538821.6A priority Critical patent/CN111695155A/en
Publication of CN111695155A publication Critical patent/CN111695155A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Evolutionary Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a big data safe storage method, which comprises the steps of obtaining initial data information, classifying the initial data information, obtaining a target data table according to the classified initial data information, encrypting the target data table to obtain an encrypted data table and a secret key, obtaining a target face characteristic parameter and a target voiceprint characteristic parameter, associating the four data information, obtaining an actual face characteristic parameter and an actual voiceprint characteristic parameter of a data extraction person during data extraction, and outputting the encrypted data table and the secret key if the similarity between the actual face characteristic parameter and the target face characteristic parameter and the similarity between the actual voiceprint characteristic parameter and the target voiceprint characteristic parameter are larger. Through encrypting and associating target face characteristic parameter, target voiceprint characteristic parameter, encrypted data table and secret key, the risk of data loss or theft is reduced, even if data loss or theft occurs, data leakage can not be caused, and the safety of data storage is improved.

Description

Big data safe storage method
Technical Field
The invention relates to a big data safe storage method.
Background
In recent years, with the advent of the information age, the relevant data processing capability for large data is particularly important for the development of information technology. The rapid increase in data volume is predictive of the fact that the era of big data has now entered, and accordingly, the problem of storing big data is of great importance. At present, the existing big data storage method is only to simply store the big data into the related storage system, the security is poor, and the data is easy to lose or be stolen.
Disclosure of Invention
The invention aims to provide a big data safe storage method which is used for solving the problem that the existing big data storage method is poor in safety.
In order to solve the problems, the invention adopts the following technical scheme:
a big data secure storage method comprises the following steps:
acquiring initial data information;
classifying the initial data information to obtain N-type data information, recording the data types of various sub-data information, and associating each data type with each sub-data information; wherein N is more than or equal to 2;
establishing an initial blank data table, wherein the initial blank data table comprises N sub data filling sub tables, each sub data filling sub table corresponds to each sub data information one by one, and each sub data filling sub table comprises a sub data information filling area and a sub data type filling area;
for any seed data information, filling the sub data information into a sub data information filling area in a corresponding sub data filling sub table, and filling the data type into a sub data type filling area in a corresponding sub data filling sub table to obtain a target data table;
encrypting the target data table according to a preset encryption algorithm to obtain an encrypted data table, and generating a key for decrypting the encrypted data table;
acquiring a target face image of a person with data access authority and a specific target voice segment of the person with the data access authority;
extracting facial image features of the target face image to obtain target facial feature parameters, and extracting voiceprints of the target voice segment to obtain target voiceprint feature parameters;
associating the target facial feature parameter, the target voiceprint feature parameter, the encrypted data table and the key;
acquiring an actual face image of a data extraction person and an actual voice section of the data extraction person;
extracting facial image features of the actual facial image to obtain actual facial feature parameters, and extracting voiceprint of the actual voice segment to obtain actual voiceprint feature parameters;
comparing the actual facial feature parameters with the target facial feature parameters, and comparing the actual voiceprint feature parameters with the target voiceprint feature parameters;
and if the similarity between the actual face characteristic parameter and the target face characteristic parameter is greater than or equal to a preset face characteristic similarity threshold value, and the similarity between the actual voiceprint characteristic parameter and the target voiceprint characteristic parameter is greater than or equal to a preset voiceprint characteristic similarity threshold value, outputting the encrypted data table and the secret key.
Optionally, the encrypting the target data table according to a preset encryption algorithm to obtain an encrypted data table, and generating a key for decrypting the encrypted data table includes:
carrying out format conversion on the target data table, and converting the target data table into a PDF file;
and encrypting the PDF file according to the encryption algorithm to obtain a PDF encrypted file, wherein the PDF encrypted file is the encrypted data table, and the secret key is used for decrypting the PDF encrypted file.
Optionally, the big data secure storage method further includes:
storing the PDF encrypted file into a memory database, and backing up the PDF encrypted file into a disk database at the same time;
detecting the storage duration of the PDF encrypted file in the memory database;
and comparing the storage time length of the PDF encrypted file in the memory database with a preset storage time length, and deleting the PDF encrypted file from the memory database when the storage time length of the PDF encrypted file in the memory database is longer than the preset storage time length.
Optionally, the associating the target facial feature parameter, the target voiceprint feature parameter, the encryption database, and the key includes:
constructing a data storage database according to the target facial feature parameters, the target voiceprint feature parameters, the encryption database and the secret key, wherein the data storage database comprises the target facial feature parameters, the target voiceprint feature parameters, the encryption database and the secret key;
correspondingly, the comparing the actual facial feature parameters with the target facial feature parameters, and the comparing the actual voiceprint feature parameters with the target voiceprint feature parameters includes:
inputting the actual facial feature parameters into the data storage database, comparing the actual facial feature parameters with the target facial feature parameters, inputting the actual voiceprint feature parameters into the data storage database, and comparing the actual voiceprint feature parameters with the target voiceprint feature parameters.
The invention has the beneficial effects that: classifying the initial data information to obtain a data type and corresponding subdata information, establishing an initial blank data table, filling the corresponding data type and the subdata information into the initial blank data table to obtain a target data table, encrypting the target data table to obtain an encrypted target data table and a key, and encrypting the target data table to prevent data leakage and improve data security even if the target data table is lost or stolen; obtaining target face characteristic parameters and target voiceprint characteristic parameters according to a target face image and a specific target voice section of a person with data access authority, associating the target face characteristic parameters, the target voiceprint characteristic parameters, an encrypted data table and a secret key, obtaining an actual face image and an actual voice section of the data extraction person during data extraction, carrying out face image characteristic extraction on the actual face image to obtain actual face characteristic parameters, carrying out voiceprint extraction on the actual voice section to obtain actual voiceprint characteristic parameters, wherein only the similarity between the actual face characteristic parameters of the data extraction person and the target face characteristic parameters is greater than or equal to a preset face characteristic similarity threshold, and the similarity between the actual voiceprint characteristic parameters of the data extraction person and the target voiceprint characteristic parameters is greater than or equal to a preset voiceprint characteristic similarity threshold, the authentication can pass, and the encrypted data table and the key are output. Therefore, the big data safe storage method has the advantages that the data table is encrypted, the target face characteristic parameter, the target voiceprint characteristic parameter, the encrypted data table and the secret key are correlated, the encrypted data table and the secret key are output only after the identity verification is passed, the risk of data loss or data theft is greatly reduced, even if the data are lost or stolen, data leakage cannot be caused, and the safety of data storage is improved.
Drawings
Fig. 1 is a schematic flow chart of a big data secure storage method provided by the present invention.
Detailed Description
The embodiment provides a big data safe storage method, and an execution main body of the big data safe storage method can be a notebook computer, a desktop computer, a server, an intelligent mobile terminal and the like.
As shown in fig. 1, the big data secure storage method includes:
acquiring initial data information:
the initial data information is initial big data information, and in order to acquire the initial data information, the execution main body can be in communication connection with various data acquisition devices or in communication connection with data forwarding devices. The specific category of the data acquisition equipment is determined by the application scenario of the big data security storage method, namely, by specific data information. Such as: if the big data safety storage method is applied to a power grid, the initial data information is the big data information of the power grid, and then the data acquisition equipment is the acquisition equipment of various electrical parameters in the power grid, for example: voltage sensors, current sensors, breaker switch status sensors, fault sensors, etc.; if the big data security storage method is applied to a hospital, the initial data information is medical data of a large number of patients, and then the data acquisition devices are various medical data acquisition devices in the hospital, for example: electrocardiography, glucometer, chest-puncture, B-ultrasonic, etc.
It should be understood that the initial data information may also be retrieved directly from the database.
Various data acquisition devices output acquired initial data information to an execution subject.
Classifying the initial data information to obtain N-type data information, recording the data types of various sub-data information, and associating each data type with each sub-data information; wherein N is more than or equal to 2:
because the types of the obtained initial data information are at least two, the initial data information is classified to obtain N types of sub-data information, wherein N is more than or equal to 2, namely the initial data information is divided into at least two types of sub-data information. And recording the data types of the various sub-data information, and then associating the data types with the sub-data information, namely establishing the corresponding relation between the data types and the sub-data information.
Under different application scenarios, the classification number of the initial data information and the specific types of each type of sub data information are different, for example: if the initial data information is the power grid big data information, the initial data information can be divided into three types, and the data types are as follows: the circuit breaker comprises electric analog quantity data, switching quantity data and fault data, wherein the electric analog quantity data can comprise current data, voltage data and power data on each section of line, the switching quantity data can comprise a breaker switching signal on each section of line, and the fault data can comprise fault data on each section of line. Associating each data type with each sub-data information, namely establishing a corresponding relationship between each data type and each sub-data information, specifically: the electric analog quantity data specifically corresponds to current data, voltage data and power data, the switching quantity data specifically corresponds to a circuit breaker switching signal, and the fault data specifically corresponds to fault data.
If the initial data information is medical data, the initial data information can be divided into two types, and the data types are as follows: quantitative data with specific values and state data without specific values, wherein the quantitative data comprises a heartbeat value per minute, a blood sugar value, a blood pressure value and the like, and the state data comprises a chest X-ray condition description, a B-type ultrasonic condition description and the like. Associating each data type with each sub-data information, namely establishing a corresponding relationship between each data type and each sub-data information, specifically: the quantitative data specifically correspond to a heartbeat value, a blood sugar value and a blood pressure value per minute, and the state data specifically correspond to a chest X-ray condition description and a B-ultrasonic condition description. As another embodiment, if the initial data information is medical data, the initial data information may be classified according to other classification criteria, for example, according to data of a surgery, and the data types are: medical data and surgical medical data.
Establishing an initial blank data table, wherein the initial blank data table comprises N sub data filling sub tables, each sub data filling sub table corresponds to each sub data information one by one, and each sub data filling sub table comprises a sub data information filling area and a sub data type filling area:
and establishing an initial blank data table, wherein the initial blank data table comprises N sub data filling sub tables, namely the number of the sub data filling sub tables is equal to the number of the types of the sub data information, and each sub data filling sub table corresponds to each sub data information one by one. And, for any one of the sub data padding sub tables, the sub data padding sub table includes two areas, which are a sub data information padding area and a sub data type padding area, respectively. The sub data information filling area is used for filling the sub data information, and the sub data type filling area is used for filling the data type.
Table 1 shows a specific implementation of the initial blank data table, which includes four sub data padding sub tables, namely, a sub data padding sub table a, a sub data padding sub table B, a sub data padding sub table C, and a sub data padding sub table D. Also, for any one of the sub data padding sub tables, a sub data information padding area and a sub data type padding area are included, such as: for the sub data fill sub table a, a sub data information fill area a1 and a sub data type fill area a2 are included.
TABLE 1
A1 A2 B1 B2
C1 C2 D1 D2
For any seed data information, filling the sub data information into a sub data information filling area in a corresponding sub data filling sub table, and storing the data type into a sub data type filling area in a corresponding sub data filling sub table to obtain a target data table:
for any seed data information, filling the sub data information into a sub data information filling area in a corresponding sub data filling sub table, and filling a data type into a sub data type filling area in a corresponding sub data filling sub table, such as: setting a certain sub data information as sub data information N, setting a data type corresponding to the sub data information N as M, filling the sub data information N into a sub data information filling area A1 in the sub data filling sub table A and filling the data type M into a sub data type filling area A2 in the sub data filling sub table A, wherein the sub data information corresponds to the sub data filling sub table A in the table 1. The processing procedure of other sub data information is the same as the above processing procedure. And finally filling all kinds of subdata information and corresponding data types into the table 1 to obtain a target data table.
Encrypting the target data table according to a preset encryption algorithm to obtain an encrypted data table, and generating a key for decrypting the encrypted data table:
the execution main body is internally provided with an encryption algorithm which is used for encrypting the target data table, and the encrypted target data table is an encrypted data table. Furthermore, the encryption algorithm generates a key, such as an open password, for decrypting the encrypted data table when encrypting the target data table.
In order to improve the security of data, this embodiment provides a specific encryption process: in this embodiment, the target data table may be in doc format or xls format, and then, the format of the target data table is converted into a PDF file. If the target data table is in doc format, converting the doc format into PDF format; and if the target data table is in the xls format, converting the xls format into the PDF format. Because the document with doc format is converted into the document with PDF format, or the document with xls format is converted into the document with PDF format, the method belongs to the conventional technical means, and is not repeated.
And encrypting the PDF file according to an encryption algorithm to obtain the PDF encrypted file. The encryption mode may be to set an open password for the PDF file, and when the PDF encrypted file is opened, the correct open password needs to be input. As the encryption algorithm for encrypting the PDF file belongs to the conventional technical means, the description is not repeated. The obtained PDF encrypted file is the encrypted data table in the above. During encryption, a key is generated, wherein the key is an opening password of the PDF encrypted file and is used for decrypting the PDF encrypted file. The key corresponds to an encryption algorithm, and is a random or specific character string generated when the PDF file is encrypted, and the character string may be composed of numbers and/or letters.
Acquiring a target face image of a person with data access authority and a specific target voice segment of the person with data access authority:
the person with data access authority, as the name implies, is the person with data storage authority and data extraction authority, especially has data extraction authority, and can be set according to actual use scenarios, such as: a person in charge of the supervision of electricity exclusively, or a person in charge of a hospital monitoring room. Usually, one person is the person having the data access right, but the case of a plurality of persons is not excluded.
The execution subject collects the face image of the person with data access authority through a face image collecting device (such as a camera), and collects a specific target voice segment of the person with data access authority through a voice collecting device (such as a microphone) as a target face image. The target speech segment is used for voiceprint extraction to obtain voiceprint information, and therefore, in order to reliably extract a voiceprint, the target speech segment can be a specific statement which is set according to actual needs, such as "please extract a voiceprint" or "please authenticate".
Extracting facial image features of the target face image to obtain target facial feature parameters, extracting voiceprints of the target voice segment to obtain target voiceprint feature parameters:
the execution main body is internally provided with a facial feature extraction program for carrying out facial image feature extraction on the target face image and obtaining target facial feature parameters, wherein the implementation process of facial image feature extraction belongs to the conventional technology and is not repeated. The execution main body is also internally provided with a voiceprint extraction program used for carrying out voiceprint extraction on the target voice segment and obtaining the characteristic parameters of the target voiceprint, wherein the realization process of the voiceprint extraction belongs to the conventional technology and is not repeated.
Associating the target facial feature parameter, the target voiceprint feature parameter, the encrypted data table and the key:
and after the execution main body obtains the encrypted data table, the key, the target face characteristic parameter and the target voiceprint characteristic parameter, associating the four data information, so that the four data information correspond to each other. In this embodiment, in order to implement reliable association, a data storage database is constructed according to the target facial feature parameter, the target voiceprint feature parameter, the encryption database and the secret key, where the data storage database includes four kinds of data information, namely, the target facial feature parameter, the target voiceprint feature parameter, the encryption database and the secret key, so that the four kinds of data information have corresponding relationships.
Acquiring an actual face image of a data extraction person and an actual voice segment of the data extraction person:
when data extraction is carried out, the execution main body collects data through the face image collecting equipment to extract face images of people, and the face images are actual face images, and an actual voice section of the data extraction people is collected through the voice collecting equipment. The text corresponding to the actual speech segment may be the same text as the text corresponding to the target speech segment, that is, the actual speech segment and the target speech segment may be speech signals obtained by reading the same text aloud.
Extracting facial image features of the actual facial image to obtain actual facial feature parameters, extracting voiceprint of the actual voice segment to obtain actual voiceprint feature parameters:
the execution main body extracts the facial image characteristics of the actual facial image according to the facial characteristic extraction program to obtain actual facial characteristic parameters, and performs voiceprint extraction on the actual voice section according to the voiceprint extraction program to obtain actual voiceprint characteristic parameters. It should be understood that the facial feature extraction program and the voiceprint extraction program may be the facial feature extraction program and the voiceprint extraction program described above, and are not described in detail.
Comparing the actual facial feature parameters with the target facial feature parameters, and comparing the actual voiceprint feature parameters with the target voiceprint feature parameters:
and after the execution main body obtains the actual facial feature parameters and the target facial feature parameters, comparing the actual facial feature parameters with the target facial feature parameters, further inputting the actual facial feature parameters into a data storage database, and comparing the actual facial feature parameters with the target facial feature parameters. Specifically, the similarity between the actual facial feature parameters and the target facial feature parameters, namely the matching degree, is obtained by comparing the actual facial feature parameters with the target facial feature parameters, and the higher the similarity is, the more similar the actual facial feature parameters and the target facial feature parameters are represented.
And after the execution main body obtains the actual voiceprint characteristic parameters and the target voiceprint characteristic parameters, comparing the actual voiceprint characteristic parameters with the target voiceprint characteristic parameters, further inputting the actual voiceprint characteristic parameters into a data storage database, and comparing the actual voiceprint characteristic parameters with the target voiceprint characteristic parameters. Specifically, the similarity between the actual voiceprint characteristic parameter and the target voiceprint characteristic parameter is obtained by comparing the actual voiceprint characteristic parameter with the target voiceprint characteristic parameter, namely, the higher the similarity is, the more similar the actual voiceprint characteristic parameter and the target voiceprint characteristic parameter is represented.
It should be understood that comparing the similarity of the two facial feature parameters and the similarity of the two voiceprint feature parameters belongs to the conventional technical means, and the detailed description is omitted.
If the similarity between the actual facial feature parameter and the target facial feature parameter is greater than or equal to a preset facial feature similarity threshold, and the similarity between the actual voiceprint feature parameter and the target voiceprint feature parameter is greater than or equal to a preset voiceprint feature similarity threshold, outputting the encrypted data table and the secret key:
two thresholds are preset in the execution main body, which are a face feature similarity threshold and a voiceprint feature similarity threshold respectively, and the two thresholds are set according to actual needs, for example, both are set to 90%.
By comparison, if the similarity between the actual facial feature parameter and the target facial feature parameter is greater than or equal to the preset facial feature similarity threshold, it indicates that the actual facial feature parameter is highly similar to the target facial feature parameter, and it can be determined that the actual facial feature parameter and the target facial feature parameter correspond to the same facial image, that is, correspond to the same person, that is, the data extraction person is a person having data access authority. Similarly, if the similarity between the actual voiceprint characteristic parameter and the target voiceprint characteristic parameter is greater than or equal to the preset voiceprint characteristic similarity threshold, it indicates that the actual voiceprint characteristic parameter is highly similar to the target voiceprint characteristic parameter, and it can be determined that the actual voiceprint characteristic parameter and the target voiceprint characteristic parameter correspond to the same voiceprint, that is, correspond to the same person, that is, the data extraction person is a person having data access authority.
Therefore, if the similarity between the actual facial feature parameter and the target facial feature parameter is greater than or equal to the preset facial feature similarity threshold value, and the similarity between the actual voiceprint feature parameter and the target voiceprint feature parameter is greater than or equal to the preset voiceprint feature similarity threshold value, it indicates that the data extraction personnel is the personnel with the data access right, the authentication is passed, and the encrypted data table and the secret key are output. And the data extraction personnel can decrypt the encrypted data table according to the secret key to realize data extraction.
In this embodiment, in order to further improve the storage reliability, the big data secure storage method further includes the following steps:
storing the PDF encrypted file into a memory database, and backing up the PDF encrypted file into a disk database at the same time:
the execution main body is provided with a memory database and a disk database, after a PDF encrypted file is obtained through encryption, the PDF encrypted file is stored in the memory database, and the PDF encrypted file is backed up in the disk database at the same time. The memory database is a database which directly operates by placing data in a memory, and compared with a magnetic disk, the data reading and writing speed of the memory is higher by several orders of magnitude, and the application performance can be greatly improved by storing the data in the memory compared with accessing from the magnetic disk.
Detecting the storage duration of the PDF encrypted file in the memory database:
after the PDF encrypted file is stored in the memory database, a certain storage duration exists in the memory database, that is, a time period from the storage start time to a certain time later. The execution main body is provided with a storage duration detection program for detecting the storage duration of the PDF encrypted file in the storage database, and the storage duration can be detected according to a certain detection period.
Comparing the storage time length of the PDF encrypted file in the memory database with a preset storage time length, and deleting the PDF encrypted file from the memory database when the storage time length of the PDF encrypted file in the memory database is longer than the preset storage time length:
a preset storage time length is preset in the execution main body and used for realizing subsequent judgment, and specific numerical values are set according to actual needs. The execution main body compares the storage time length of the PDF encrypted file in the memory database with a preset storage time length after detecting the storage time length of the PDF encrypted file in the memory database every detection period, and deletes the PDF encrypted file from the memory database when the storage time length of the PDF encrypted file in the memory database is larger than the preset storage time length. Accordingly, only the PDF encrypted files in the disk database are retained. Therefore, PDF encrypted files are initially stored in two different databases at the same time, so that the reliability of data storage can be improved, and the risk of data loss is reduced; the memory database has high read-write performance, the PDF encrypted file is stored in the memory database, the storage efficiency and the storage reliability can be effectively improved, the risk of data loss is reduced, the read-write performance of the disk database is relatively low, but the storage capacity is generally large. When the storage duration is longer than the preset storage duration, the PDF encrypted files in the memory database are deleted, the data storage amount in the memory database is reduced, the storage performance of the memory database is further improved, the data volume in the disk database is reserved, the disk database can meet the requirement of storage capacity, and even if the PDF encrypted files in the memory database are deleted, data loss cannot be caused. Therefore, the memory database is a temporary storage area, which is equivalent to a cache area, and the reliability and the safety of data storage are realized by taking the memory database as the temporary storage area and combining the advantages of the memory database and the disk database.
The above-mentioned embodiments are merely illustrative of the technical solutions of the present invention in a specific embodiment, and any equivalent substitutions and modifications or partial substitutions of the present invention without departing from the spirit and scope of the present invention should be covered by the claims of the present invention.

Claims (4)

1. A big data secure storage method is characterized by comprising the following steps:
acquiring initial data information;
classifying the initial data information to obtain N-type data information, recording the data types of various sub-data information, and associating each data type with each sub-data information; wherein N is more than or equal to 2;
establishing an initial blank data table, wherein the initial blank data table comprises N sub data filling sub tables, each sub data filling sub table corresponds to each sub data information one by one, and each sub data filling sub table comprises a sub data information filling area and a sub data type filling area;
for any seed data information, filling the sub data information into a sub data information filling area in a corresponding sub data filling sub table, and filling the data type into a sub data type filling area in a corresponding sub data filling sub table to obtain a target data table;
encrypting the target data table according to a preset encryption algorithm to obtain an encrypted data table, and generating a key for decrypting the encrypted data table;
acquiring a target face image of a person with data access authority and a specific target voice segment of the person with the data access authority;
extracting facial image features of the target face image to obtain target facial feature parameters, and extracting voiceprints of the target voice segment to obtain target voiceprint feature parameters;
associating the target facial feature parameter, the target voiceprint feature parameter, the encrypted data table and the key;
acquiring an actual face image of a data extraction person and an actual voice section of the data extraction person;
extracting facial image features of the actual facial image to obtain actual facial feature parameters, and extracting voiceprint of the actual voice segment to obtain actual voiceprint feature parameters;
comparing the actual facial feature parameters with the target facial feature parameters, and comparing the actual voiceprint feature parameters with the target voiceprint feature parameters;
and if the similarity between the actual face characteristic parameter and the target face characteristic parameter is greater than or equal to a preset face characteristic similarity threshold value, and the similarity between the actual voiceprint characteristic parameter and the target voiceprint characteristic parameter is greater than or equal to a preset voiceprint characteristic similarity threshold value, outputting the encrypted data table and the secret key.
2. The big data secure storage method according to claim 1,
the encrypting the target data table according to a preset encryption algorithm to obtain an encrypted data table and generating a key for decrypting the encrypted data table includes:
carrying out format conversion on the target data table, and converting the target data table into a PDF file;
and encrypting the PDF file according to the encryption algorithm to obtain a PDF encrypted file, wherein the PDF encrypted file is the encrypted data table, and the secret key is used for decrypting the PDF encrypted file.
3. The big data secure storage method according to claim 2, further comprising:
storing the PDF encrypted file into a memory database, and backing up the PDF encrypted file into a disk database at the same time;
detecting the storage duration of the PDF encrypted file in the memory database;
and comparing the storage time length of the PDF encrypted file in the memory database with a preset storage time length, and deleting the PDF encrypted file from the memory database when the storage time length of the PDF encrypted file in the memory database is longer than the preset storage time length.
4. The big data secure storage method according to claim 1, wherein the associating the target facial feature parameter, the target voiceprint feature parameter, the encrypted database and the key comprises:
constructing a data storage database according to the target facial feature parameters, the target voiceprint feature parameters, the encryption database and the secret key, wherein the data storage database comprises the target facial feature parameters, the target voiceprint feature parameters, the encryption database and the secret key;
correspondingly, the comparing the actual facial feature parameters with the target facial feature parameters, and the comparing the actual voiceprint feature parameters with the target voiceprint feature parameters includes:
inputting the actual facial feature parameters into the data storage database, comparing the actual facial feature parameters with the target facial feature parameters, inputting the actual voiceprint feature parameters into the data storage database, and comparing the actual voiceprint feature parameters with the target voiceprint feature parameters.
CN202010538821.6A 2020-06-13 2020-06-13 Big data safe storage method Withdrawn CN111695155A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010538821.6A CN111695155A (en) 2020-06-13 2020-06-13 Big data safe storage method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010538821.6A CN111695155A (en) 2020-06-13 2020-06-13 Big data safe storage method

Publications (1)

Publication Number Publication Date
CN111695155A true CN111695155A (en) 2020-09-22

Family

ID=72480857

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010538821.6A Withdrawn CN111695155A (en) 2020-06-13 2020-06-13 Big data safe storage method

Country Status (1)

Country Link
CN (1) CN111695155A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109063438A (en) * 2018-08-06 2018-12-21 中钞信用卡产业发展有限公司杭州区块链技术研究院 A kind of data access method, device, local data secure access equipment and terminal
CN110298196A (en) * 2019-07-06 2019-10-01 温州中壹技术研究院有限公司 A kind of electronic information security storage system and storage method
CN110502515A (en) * 2019-08-15 2019-11-26 中国平安财产保险股份有限公司 Collecting method, device, equipment and computer readable storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109063438A (en) * 2018-08-06 2018-12-21 中钞信用卡产业发展有限公司杭州区块链技术研究院 A kind of data access method, device, local data secure access equipment and terminal
CN110298196A (en) * 2019-07-06 2019-10-01 温州中壹技术研究院有限公司 A kind of electronic information security storage system and storage method
CN110502515A (en) * 2019-08-15 2019-11-26 中国平安财产保险股份有限公司 Collecting method, device, equipment and computer readable storage medium

Similar Documents

Publication Publication Date Title
Breebaart et al. A reference architecture for biometric template protection based on pseudo identities
US8230496B2 (en) Method for improving security of the security token and apparatus therefor
CN104917769B (en) A kind of electronic health record endorsement method and device
KR100949801B1 (en) Apparatus and method for polynomial reconstruction in fuzzy vault system
CN102081813B (en) Face identification intelligent safety door
CN100455267C (en) Method for recording identification of fetus sexes through B ultrasonic
Paulini et al. Multi-Bit Allocation: Preparing Voice Biometrics for Template Protection.
Gobi et al. A secured public key cryptosystem for biometric encryption
CN1655505A (en) Bank cashier safety system and method
CN102385673B (en) Human body lock
CN206249318U (en) A kind of encryption identity card Intelligent Recognition management system
CN111695155A (en) Big data safe storage method
Kamal et al. A symmetric bio-hash function based on fingerprint minutiae and principal curves approach
Choras Ear Biometrics.
CN111859345A (en) Computer data safety storage system
WO2011113326A1 (en) Person identity identification system
Liu et al. Biohashing for human acoustic signature based on random projection
Cimato et al. Privacy in biometrics
CN111475847B (en) Medical big data processing method
CN202838367U (en) Security identity card fingerprint authentication device
Sonkar et al. Cancelable iris biometric: A review
CN110650007B (en) Encryption method and system based on brain consciousness
CN109241786A (en) A kind of independent flash card
CN109657536A (en) A kind of identity identifying method and system merging bio-identification and cryptographic technique
US20230222196A1 (en) Biometric template translation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20200922